Zcash Bug Could Leak IP Addresses of Full Nodes with Shielded Addresses

A bug present in all Zcash (ZEC) source code forks could leak metadata, making it possible to find the IP addresses of full nodes with shielded addresses (zaddrs).

Duke Leto, a core developer at Komodo (KMD), recently published a blog post on his personal website revealing that, “A bug has existed for all shielded addresses since the inception of Zcash and Zcash Protocol.” Leto explained, “That is, Alice giving Bob a zaddr to be paid, could actually allow Bob to discover Alice’s IP address. This is drastically against the design of Zcash Protocol.”

A Common Vulnerabilities and Exposures (CVE) identifier was already assigned on Sept. 27 to track the issue.

According to Leto, everyone who has published or provided their zaddr to a third party is vulnerable—with the exception of users who have only used their zaddr over the Tor Onion Routing network or just to send funds. Leto warns that users should consider their “IP address and geo-location information associated with it as tied to their zaddr.”

Not just Zcash

Leto provided a non-exhaustive list, claiming that Zcash is not the only cryptocurrency affected by the bug. The cryptocurrencies included in the list are: Zcash, Hush, Pirate, Komodo smart chains with zaddr enabled by default, Safecoin, Horizen, Zero, VoteCoin, Snowgem, BitcoinZ, LitecoinZ, Zelcash, Ycash, Arrow, Verus, Bitcoin Private, ZClassic and Anon. Leto added a historical note, “KMD was vulnerable to this [bug] in the past, but is no longer, since it no longer supports zaddrs. Safecoin (SAFE) took a similar route, and has disabled zaddrs, so they were vulnerable in the past but no longer.”

Singapore Payment Services Act Now in Effect For Crypto Firms

Cryptocurrency firms in Singapore must now operate in compliance with the Payment Services Act, which came into effect on Jan. 28.

The new legislation requires cryptocurrency providers and exchanges to be licensed under some of the same regulatory elements as traditional financial service providers. In addition, crypto firms must also comply with the Financial Advisers Act, Insurance Act, Securities and Futures Act and the Trust Companies Act.

MAS New Rules

According to a press release published on Jan. 28, the new rules place cryptocurrency firms under the oversight of the Monetary Authority of Singapore (MAS).

Loo Siew Yee, Assistant Managing Director, MAS said in the release, “The Payment Services Act provides a forward-looking and flexible regulatory framework for the payments industry. The activity-based and risk-focused regulatory structure allows rules to be applied proportionately and to be robust to changing business models. The PS Act will facilitate growth and innovation while mitigating risk and fostering confidence in our payments landscape.”

Standard Operating Licenses

Essentially, the new regulations require cryptocurrency and digital asset providers to apply for the standard operating licenses that traditional financial firms would also be required to obtain. These include a standard payments institution license, a money-changing license and a major payment institution license.

The press release stated that applying these standards to the emerging digital asset services will “enhance the regulatory framework for payment services in Singapore, strengthen consumer protection and promote confidence in the use of e-payments.”

Cardano EUTXO Blockchain Upgrade Will Combine the Best Of Bitcoin and Ethereum

Cardano (ADA) has released a detailed outline of how it will implement its smart contracts using the extended UTXO model. The file was shared on founder Charles Hoskinson’s Twitter feed on Jan. 27.

The smart contract implementation is vital to the upcoming Goguen update.

Keeping the Record—UTXO vs Account/Balance Model

Two popular types of record-keeping models in modern blockchain networks are the UTXO model and the Account/Balance Model.

UTXO stands for ‘unspent transaction output’. It is an output of a transaction that a user has received and has not yet spent, so it remains available to spend in the future. UTXO primarily helps to organize a blockchain ledger so that funds cannot be spent twice.

The Bitcoin blockchain works on the principle of a UTXO model and was first developed by Satoshi Nakamoto, although it is not mentioned in the original Bitcoin White Paper. In Bitcoin, each transaction is based on the concept of outputs and inputs which represent specific amounts of Bitcoin. A user’s wallet keeps track of a list of unspent transaction outputs associated with all addresses owned by the user, and the balance of the wallet is calculated as the sum of those unspent outputs. The original Bitcoin script relied heavily on UTXO to check wallets for sufficient funds when a transaction was requested.

Ethereum’s blockchain uses the Account/Balance model. This model works like a typical bank: the bank tracks how much money each debit card has, and when we need to spend, the bank checks the record to see how much money is left and whether it is sufficient for the transaction.
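The two record-keeping models described above, as an added sketch that is not taken from the Cardano document or from any project's code. The class names, owners and amounts are hypothetical, and signatures, scripts, fees and consensus are left out so that only the bookkeeping and the double-spend check are visible.

```python
# Added toy ledgers (hypothetical names); no signatures, scripts, fees or consensus.

class UTXOLedger:
    def __init__(self):
        self.utxos = {}      # (txid, output_index) -> (owner, amount)
        self._next_tx = 0

    def mint(self, owner, amount):   # output with no inputs (coinbase stand-in)
        return self._commit([], [(owner, amount)])[0]

    def balance(self, owner):
        # A wallet balance is the sum of the unspent outputs it owns.
        return sum(a for o, a in self.utxos.values() if o == owner)

    def spend(self, sender, inputs, outputs):
        """Consume whole outputs `inputs`; create `outputs` [(owner, amount)]."""
        if len(set(inputs)) != len(inputs):
            raise ValueError("input listed twice")
        for ref in inputs:
            if ref not in self.utxos:
                raise ValueError(f"{ref} is spent or unknown (double spend)")
            if self.utxos[ref][0] != sender:
                raise ValueError(f"{ref} is not owned by {sender}")
        total_in = sum(self.utxos[r][1] for r in inputs)
        if any(a <= 0 for _, a in outputs) or total_in != sum(a for _, a in outputs):
            raise ValueError("outputs must be positive and equal the inputs")
        return self._commit(inputs, outputs)

    def _commit(self, inputs, outputs):
        for ref in inputs:           # a spent output leaves the set for good
            del self.utxos[ref]
        txid = f"tx{self._next_tx}"
        self._next_tx += 1
        refs = [(txid, i) for i in range(len(outputs))]
        self.utxos.update(zip(refs, outputs))
        return refs

class AccountLedger:
    def __init__(self):
        self.balances = {}   # owner -> amount, mutated in place

    def deposit(self, owner, amount):
        self.balances[owner] = self.balances.get(owner, 0) + amount

    def transfer(self, sender, receiver, amount):
        if amount <= 0 or self.balances.get(sender, 0) < amount:
            raise ValueError("insufficient funds")
        self.balances[sender] -= amount
        self.deposit(receiver, amount)
```

In the UTXO ledger a second spend of the same output fails because the reference no longer exists, while the account ledger rejects it only by comparing against a mutable balance.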

Cardano EUTXO Wants Best Of Both Worlds

According to the research, “Ethereum chose the account model explicitly to facilitate more expressive smart contracts. On the other hand, Bitcoin chose UTXO for good reasons, including that its semantic model stays simple in a complex concurrent and distributed computing environment.”

Cardano’s proposed EUTXO (Extended UTXO) will be a combination of both models to potentially have “expressive smart contracts while keeping the semantic simplicity of the UTXO model.”

